OFF-ROAD VEHICLE DIAGNOSTICS WITH AUTOSAR
Jigar Patel, Namdeo Dhawle
July 18, 2018
AGENDA
- Motivation for UDS diagnostics in agriculture and construction vehicles
- UDS vs J1939
- Challenges and proposed solutions
- Co-existence of UDS and J1939 diagnostics
- AUTOSAR diagnostics approach
- Key take-aways
MOTIVATION FOR UDS DIAGNOSTICS IN AGRICULTURE AND CONSTRUCTION VEHICLES
- Increased E/E complexity in off-road vehicles
- Crypto security needs
- Programming over Ethernet (DoIP)
- Enhanced services, e.g. IO control, routine control and read/write data by identifier
- Session handling
- Need for industry-standard tools and description formats (PDX, ODX)
UNIFIED DIAGNOSTIC SERVICES
Protocol:
- Physical layer independent
- Industry standard
Control and Communication:
- Read, Write, Command, Calibrate
- Special test and more
- Variant configuration
- Tester Present
Open Diagnostic exchange (ODX):
- Machine readable (XML format)
- Description of diagnostic content
Security:
- Seed/Key
- Multiple access levels
- Attempts exceeded
Future:
- Cybersecurity
Request/response flow: Tester -> ECU1: reading/command request; ECU1 -> Tester: positive response (data)
Note: Referenced from Vector Informatik GmbH.
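The Seed/Key, multiple-access-level and attempts-exceeded items above describe the UDS SecurityAccess service (0x27). The following ECU-side state machine is an added illustration written for this page, not code from the presenters or from any AUTOSAR stack: it hands out a seed per access level, checks the returned key, counts failed attempts and enforces a lockout delay, answering with the standard negative response codes (0x24 requestSequenceError, 0x35 invalidKey, 0x36 exceededNumberOfAttempts, 0x37 requiredTimeDelayNotExpired). The seed-to-key function is a constructed HMAC stand-in; a real ECU uses an OEM-specific algorithm, and the level secrets, seed length and timings are assumptions.

```python
"""Added example (not from the slides): ECU-side handling of the UDS SecurityAccess
service (0x27): seed/key exchange, multiple access levels, an attempt counter and a
lockout delay once the attempt limit is exceeded. The key derivation below is a
constructed HMAC stand-in; real ECUs use an OEM-specific algorithm and secret."""
import hashlib
import hmac
import secrets
import time

SID = 0x27
POSITIVE_SID = SID + 0x40             # 0x67
NRC_SUBFUNC_NOT_SUPPORTED = 0x12
NRC_INCORRECT_LENGTH = 0x13
NRC_SEQUENCE_ERROR = 0x24             # sendKey without a preceding requestSeed
NRC_INVALID_KEY = 0x35
NRC_EXCEEDED_ATTEMPTS = 0x36
NRC_DELAY_NOT_EXPIRED = 0x37
SEED_LEN = 4                          # constructed; OEMs pick their own seed size


def negative(nrc):
    return bytes([0x7F, SID, nrc])


def derive_key(level_secret, seed):
    """Constructed seed-to-key function (assumption): HMAC-SHA256 of the seed, truncated."""
    return hmac.new(level_secret, seed, hashlib.sha256).digest()[:4]


class SecurityAccessServer:
    """Minimal ECU-side state machine. Sub-function 2n-1 = requestSeed for level n,
    sub-function 2n = sendKey for level n (bit 7 is the suppress-positive-response flag)."""

    def __init__(self, level_secrets, max_attempts=3, delay_s=10.0,
                 rng=secrets.token_bytes, clock=time.monotonic):
        self.level_secrets = level_secrets   # {access level: secret bytes}
        self.max_attempts = max_attempts
        self.delay_s = delay_s
        self.rng = rng                       # injectable so tests can fix the seed
        self.clock = clock                   # injectable so tests can fix time
        self.attempts = 0
        self.locked_until = 0.0
        self.pending = None                  # (level, seed) waiting for sendKey
        self.unlocked = set()

    def handle(self, request):
        if len(request) < 2 or request[0] != SID:
            return negative(NRC_INCORRECT_LENGTH)
        sub = request[1] & 0x7F
        level = (sub + 1) // 2
        if sub == 0 or level not in self.level_secrets:
            return negative(NRC_SUBFUNC_NOT_SUPPORTED)
        now = self.clock()
        if self.locked_until and now >= self.locked_until:
            self.locked_until = 0.0          # delay served: attempts start over
            self.attempts = 0
        if now < self.locked_until:
            return negative(NRC_DELAY_NOT_EXPIRED)
        if sub % 2 == 1:                     # requestSeed
            if level in self.unlocked:
                # Already unlocked: ISO 14229 answers with an all-zero seed.
                return bytes([POSITIVE_SID, sub]) + bytes(SEED_LEN)
            seed = self.rng(SEED_LEN)
            self.pending = (level, seed)
            return bytes([POSITIVE_SID, sub]) + seed
        # sendKey
        if self.pending is None or self.pending[0] != level:
            return negative(NRC_SEQUENCE_ERROR)
        expected = derive_key(self.level_secrets[level], self.pending[1])
        self.pending = None                  # a seed is only good for one attempt
        if hmac.compare_digest(expected, request[2:]):
            self.attempts = 0
            self.unlocked.add(level)
            return bytes([POSITIVE_SID, sub])
        self.attempts += 1
        if self.attempts >= self.max_attempts:
            self.locked_until = now + self.delay_s
            return negative(NRC_EXCEEDED_ATTEMPTS)
        return negative(NRC_INVALID_KEY)
```

The attempt counter and delay live in the ECU, not the tester, which is what makes the "attempts exceeded" item on the slide a property of the server rather than of the tool: after `max_attempts` bad keys every request for that service is refused until the delay has passed, and each seed is discarded after a single key comparison.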
UDS VS J1939
J1939:
- PGN describes a service type
- Cyclic diagnostic messages (e.g. DM1)
- Tester -> ECU: [Prio + Request PGN + Dest Addr + Src Addr] [Requested PGN]
- ECU -> Tester: [Prio + Requested PGN + Dest Addr + Src Addr] [PGN Data]
UDS:
- Data payload describes a service type
- Tester -> ECU: [Target ID] [Requested Service ID + Data]
- ECU -> Tester: [Source ID] [Requested Service ID + Data]
CHALLENGES
Inclusion of UDS alongside existing J1939 diagnostics. Why inclusion is needed:
- Don't want to lose the proprietary diagnostic solution
- In off-road vehicles the OEM doesn't have control over the implements (implements can come from different suppliers)
- Implements may contain both UDS and J1939 diagnostics
PROPOSED SOLUTIONS
OSI layer mapping of the two diagnostic stacks:

  OSI Layer       | Off-Road Vehicles          | On-Road Vehicles
  7 Application   | SAE J1939-71/73            | ISO 15765-3, ISO 14229-1
  6 Presentation  | -                          | User Defined
  5 Session       | -                          | ISO 15765-3
  4 Transport     | SAE J1939-21               | ISO 15765-2
  3 Network       | SAE J1939-31               | ISO 15765-2
  2 Data Link     | SAE J1939-21 (ISO 11898-1) | ISO 11898-1
  1 Physical      | SAE J1939-11/15            | User Defined (J2284, J2411, ISO 11898-2/3, etc.)
CO-EXISTENCE OF UDS AND J1939 DIAGNOSTICS
Solution 1: Standard J1939 PGNs
- Using standard J1939 PGNs, the CAN ID keeps the same structure as normal J1939 messages
- Four J1939 PGNs are reserved for this purpose:

  PGN      | Message type
  0x00CD00 | Mixed addressing, functional
  0x00CE00 | Mixed addressing, physical
  0x00DA00 | Normal fixed addressing, physical
  0x00DB00 | Normal fixed addressing, functional

Note: Referenced from ISO 15765-3
CO-EXISTENCE OF UDS AND J1939 DIAGNOSTICS
Solution 2: User-defined CAN ID
- By defining the two data page bits (EDP and DP), these messages can be differentiated from any other on the network to avoid conflicts
Note: The Source Address and Destination Address fields shown here are not the same as the J1939 Source and Destination Addresses
Note: Referenced from ISO 15765-3
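The UDS vs J1939 comparison and the two co-existence solutions above all come down to how the 29-bit CAN identifier is built and read. The code below is an added example for this page, not the presenters' code or any AUTOSAR module: it encodes J1939 identifiers, decodes them back into priority, EDP/DP, PGN and addresses, flags the four ISO 15765-3 PGNs from Solution 1, and checks the EDP/DP combination for Solution 2. Node addresses (0xF9 tool, 0x00 engine ECU), the assumption that Solution 2 uses EDP=1, DP=1, and the sample ReadDataByIdentifier request are constructed for the demo.

```python
"""Added example (not from the slides): building and classifying 29-bit CAN identifiers
for plain J1939 traffic and for UDS carried on the four ISO 15765-3 PGNs the slide lists.
Node addresses, payloads and the EDP/DP convention for Solution 2 are constructed here."""

# ISO 15765-3 reserved PGNs from the slide, keyed to their addressing mode.
UDS_DIAG_PGNS = {
    0x00CD00: "Mixed addressing, functional",
    0x00CE00: "Mixed addressing, physical",
    0x00DA00: "Normal fixed addressing, physical",
    0x00DB00: "Normal fixed addressing, functional",
}
J1939_REQUEST_PGN = 0x00EA00   # J1939-21 Request
DM1_PGN = 0x00FECA             # J1939-73 DM1 (active DTCs), the cyclic message on the slide


def j1939_can_id(prio, pgn, sa, da=0):
    """29-bit J1939 ID: PRIO(3) EDP(1) DP(1) PF(8) PS(8) SA(8).
    PDU1 (PF < 0xF0) carries the destination address in PS; PDU2 carries a group extension."""
    edp, dp = (pgn >> 17) & 1, (pgn >> 16) & 1
    pf = (pgn >> 8) & 0xFF
    ps = (pgn & 0xFF) if pf >= 0xF0 else (da & 0xFF)
    return (prio << 26) | (edp << 25) | (dp << 24) | (pf << 16) | (ps << 8) | (sa & 0xFF)


def decode_can_id(can_id):
    """Split an ID into J1939 fields and flag the ISO 15765-3 diagnostic PGNs (Solution 1)."""
    edp, dp = (can_id >> 25) & 1, (can_id >> 24) & 1
    pf, ps = (can_id >> 16) & 0xFF, (can_id >> 8) & 0xFF
    pgn = (edp << 17) | (dp << 16) | (pf << 8) | (ps if pf >= 0xF0 else 0)
    return {
        "prio": (can_id >> 26) & 0x7,
        "edp": edp,
        "dp": dp,
        "pgn": pgn,
        "da": ps if pf < 0xF0 else None,   # only PDU1 frames are addressed
        "sa": can_id & 0xFF,
        "uds": UDS_DIAG_PGNS.get(pgn),     # None for ordinary J1939 traffic
    }


def is_user_defined_diag_id(can_id):
    """Solution 2 on the slides tells diagnostic IDs apart by the EDP/DP bits; this demo
    assumes EDP=1, DP=1, the combination J1939-21 reserves for ISO 15765-3."""
    return (can_id >> 24) & 0x3 == 0x3


def j1939_request(sa, da, requested_pgn, prio=6):
    """J1939 Request (PGN 0xEA00): the data field is the requested PGN, 3 bytes little-endian."""
    return j1939_can_id(prio, J1939_REQUEST_PGN, sa, da), requested_pgn.to_bytes(3, "little")


def uds_single_frame(sid, params=b""):
    """ISO 15765-2 single frame: PCI byte 0x0N (N = length), then SID and parameters."""
    payload = bytes([sid]) + params
    if len(payload) > 7:
        raise ValueError("more than 7 bytes needs multi-frame transport")
    return bytes([len(payload)]) + payload


def uds_request_over_j1939(tester_sa, ecu_da, sid, params=b"", prio=6):
    """Physically addressed UDS request on PGN 0xDA00 with a J1939-shaped CAN ID."""
    return j1939_can_id(prio, 0x00DA00, tester_sa, ecu_da), uds_single_frame(sid, params)


def uds_positive_response_sid(sid):
    """UDS positive responses echo the request SID plus 0x40 (0x22 -> 0x62)."""
    return sid + 0x40


if __name__ == "__main__":
    # Constructed addresses: 0xF9 for the off-board tool, 0x00 for the engine controller.
    can_id, data = uds_request_over_j1939(0xF9, 0x00, 0x22, b"\xF1\x90")
    print(hex(can_id), data.hex(), decode_can_id(can_id)["uds"])
    can_id, data = j1939_request(0xF9, 0x00, DM1_PGN)
    print(hex(can_id), data.hex(), decode_can_id(can_id)["uds"])
```

The decode function is the piece a gateway or an intrusion-detection filter on the implement bus would need: a frame on PGN 0xDA00/0xDB00/0xCD00/0xCE00 is a UDS transport frame addressed like any other J1939 PDU1 message, while a DM1 broadcast on 0xFECA decodes with no destination and no UDS flag.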
AUTOSAR DIAGNOSTICS APPROACH
Layered AUTOSAR stack carrying both diagnostic paths, with the tester attached to the CAN bus:

  RTE
  Dcm / Dem  |  J1939Dcm
  PduR
  CanTP      |  J1939TP
  CanIf
  CanDrv
  CAN Bus  <-  Tester
ADVANTAGES WITH COEXISTENCE OF UDS AND J1939
- Able to achieve both legacy and industry-standard diagnostics
- Multiple access level support
- Node authentication using the J1939 protocol
- Easily able to adapt crypto security to the proprietary diagnostic solution
- Remote diagnostics become possible using Ethernet
KEY TAKEAWAYS
- UDS protocol needs in off-road vehicles
- Difference between UDS and J1939 diagnostics
- Architecture of UDS and J1939 coexistence in AUTOSAR
- Advantages of UDS and J1939 coexistence
OFF-ROAD VEHICLE NETWORK SECURITY WITH AUTOSAR
Ritesh Kondekar
July 18, 2018
AGENDA
- Need for vehicle network security
- Challenges to implement security
- Aspects of network security
- Network security in AUTOSAR
NEED FOR VEHICLE NETWORK SECURITY
- Controllers communicate engineering data on the vehicle network
- Sensor data available on the network
- Storage of feature-enabler parameters
- User/field-specific data on the network or a remote server
- Right-to-repair legislation is a threat to software integrity
- Reliable authentication of the sender
- Encryption to protect IP
- Unauthorized reprogramming of controllers
CHALLENGES TO IMPLEMENT SECURITY
- AES, DES, SHA, RSA are established security algorithms
- Cryptographic key generation and storage is critical; need for an HSM
- CAN network bandwidth is a bottleneck for authentication overheads
- Not all controllers have a CAN FD transceiver
- Vehicle platforms exhibit different network topologies
- Upcoming right-to-repair legislation may hinder encryption
ASPECTS OF NETWORK SECURITY
Secure Boot:
- Flash integrity with a crypto-secure algorithm
- Full boot block validation at every startup
Secure Reprogramming:
- Digitally signed code and encrypted communications
- End-to-end protection of software payloads
Secure Communication:
- Authentication and encryption of data
- Mechanism to prove freshness of messages
Secure Certificate:
- Third-party authentic certificate provider
- Certificate validation mechanism for ECUs on the bus
Secure Debug:
- In-production ECU debugging
- Secured engineering modes for ECUs
Secure Diagnostics:
- Secured engineering diagnostics
- Compliance with regulations while protecting IP
Secure Calibration:
- Zones and levels of access based on parameter sensitivity
- Compliance with regulations while protecting IP
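The "Secure Communication" items above (authentication plus a proof of freshness) have to fit the bandwidth constraint from the previous slide: a classic CAN frame has only 8 data bytes. The code below is an added example for this page, not the presenters' code and not the AUTOSAR SecOC module itself, although it follows SecOC's general shape of a truncated MAC and a truncated freshness value appended to the payload. HMAC-SHA256 stands in for the AES-CMAC an ECU would normally compute in its HSM; the key, data ID, 24-bit MAC / 8-bit freshness split, acceptance window and sample payloads are constructed assumptions.

```python
"""Added example (not from the slides): message authentication with a freshness
counter in the style of AUTOSAR SecOC, squeezed into an 8-byte classic CAN frame.
HMAC-SHA256 stands in for AES-CMAC; key, data ID and payloads are constructed."""
import hashlib
import hmac

MAC_LEN = 3      # 24-bit truncated MAC on the bus
FV_LEN = 1       # 8-bit truncated freshness value on the bus
FRAME_LEN = 8    # classic CAN data field; 4 bytes are left for the payload


def truncated_mac(key, data_id, payload, freshness):
    """MAC over data ID || payload || full 64-bit freshness value, truncated to MAC_LEN.
    The full counter is authenticated even though only its low byte is transmitted."""
    msg = data_id.to_bytes(2, "big") + payload + freshness.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


class Sender:
    def __init__(self, key, data_id):
        self.key, self.data_id, self.counter = key, data_id, 0

    def secure(self, payload):
        """Return payload || FV low byte || truncated MAC, or refuse an oversized payload."""
        if len(payload) + FV_LEN + MAC_LEN > FRAME_LEN:
            raise ValueError("payload too long for an authenticated classic CAN frame")
        self.counter += 1                      # monotonic, never reused
        mac = truncated_mac(self.key, self.data_id, payload, self.counter)
        return payload + (self.counter & 0xFF).to_bytes(FV_LEN, "big") + mac


class Receiver:
    def __init__(self, key, data_id, payload_len, window=32):
        self.key, self.data_id, self.payload_len = key, data_id, payload_len
        self.window = window                   # how many lost frames we tolerate
        self.last = 0                          # highest freshness value accepted so far

    def verify(self, frame):
        """Return the payload if authentic and fresh, else None (the frame is dropped)."""
        payload = frame[:self.payload_len]
        fv_low = frame[self.payload_len]
        mac = frame[self.payload_len + FV_LEN:self.payload_len + FV_LEN + MAC_LEN]
        # Rebuild the full counter from the transmitted low byte: it must be the next
        # value after the last accepted one (allowing for a few dropped frames).
        candidate = (self.last & ~0xFF) | fv_low
        if candidate <= self.last:
            candidate += 0x100
        if candidate - self.last > self.window:
            return None                        # replay of an old value, or too far ahead
        expected = truncated_mac(self.key, self.data_id, payload, candidate)
        if not hmac.compare_digest(expected, mac):
            return None                        # forged or corrupted frame
        self.last = candidate
        return payload


if __name__ == "__main__":
    key = bytes(range(16))                     # constructed demo key
    tx, rx = Sender(key, 0x0123), Receiver(key, 0x0123, payload_len=4)
    frame = tx.secure(b"\x01\x02\x03\x04")
    print(frame.hex(), rx.verify(frame))       # accepted once ...
    print(rx.verify(frame))                    # ... replay is dropped: None
```

Two design points are worth noting for the bandwidth argument on the previous slide: the receiver authenticates the full counter it reconstructs, so the single transmitted byte costs no security beyond the tolerance window, and the MAC is truncated on the wire only, so a forger still has to guess 24 bits per frame.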
NETWORK SECURITY IN AUTOSAR
- CDD for encryption
- Integrated CDD for authentication and encryption
Source: Vector reference documents
QUESTIONS??